Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
194301	7.5	危険	ATRC	-	ATutor における SQL インジェクションの脆弱性	-	CVE-2007-0381	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

194302	5	警告	docman	-	DocMan における重要な情報 (フルパス) を取得される脆弱性	-	CVE-2007-0380	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

194303	6.8	警告	docman	-	DocMan におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0379	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

194304	7.5	危険	docman	-	DocMan における SQL インジェクションの脆弱性	-	CVE-2007-0378	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

194305	7.5	危険	francisco burzi	-	Francisco Burzi PHP-Nuke における SQL インジェクションの脆弱性	-	CVE-2007-0372	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

194306	4.3	警告	common controls replacement project	-	CCRP BrowseDialog Server の ccrpbds6.dll におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0371	2012-06-26 15:46	2007-01-19	Show	GitHub Exploit DB Packet Storm

194307	7.5	危険	comscripts	-	PHPMyphorum の mep/frame.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0361	2012-06-26 15:46	2007-01-18	Show	GitHub Exploit DB Packet Storm

194308	5	警告	fritzdsl	-	Fritz!DSL の AVM IGD CTRL Service におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-0357	2012-06-26 15:46	2007-01-18	Show	GitHub Exploit DB Packet Storm

194309	5	警告	マイクロソフト common controls replacement project	-	CCRP FTV ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0356	2012-06-26 15:46	2007-01-18	Show	GitHub Exploit DB Packet Storm

194310	4.3	警告	cvstrac	-	CVSTrac の format.c の is_eow 関数におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-0347	2012-06-26 15:46	2007-01-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 17, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211	-		-	-	Nextcloud Server is a self hosted personal cloud system. Due to a pre-flighted HEAD request, the link reference provider could be tricked into downloading bigger websites than intended, to find open-… New	CWE-400 Uncontrolled Resource Consumption	CVE-2024-52520	2024-11-16 02:35	2024-11-16	Show	GitHub Exploit DB Packet Storm

212	4.9	MEDIUM Network	-	-	A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This… New	CWE-20 Improper Input Validation	CVE-2021-1470	2024-11-16 02:35	2024-11-16	Show	GitHub Exploit DB Packet Storm

213	7.8	HIGH Local	dell	smartfabric_os10	Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit … Update	CWE-77 Command Injection	CVE-2024-49560	2024-11-16 02:35	2024-11-12	Show	GitHub Exploit DB Packet Storm

214	7.8	HIGH Local	dell	smartfabric_os10	Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potenti… Update	NVD-CWE-noinfo	CVE-2024-49558	2024-11-16 02:35	2024-11-12	Show	GitHub Exploit DB Packet Storm

215	8.8	HIGH Network	anisha	job_recruitment	A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulat… Update	CWE-89 SQL Injection	CVE-2024-11127	2024-11-16 02:29	2024-11-13	Show	GitHub Exploit DB Packet Storm

216	7.5	HIGH Network	eclipse	mosquitto	In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "U… Update	CWE-416 CWE-401 CWE-755 Use After Free Missing Release of Memory after Effective Lifetime Improper Handling of Exceptional Conditions	CVE-2024-8376	2024-11-16 02:21	2024-10-12	Show	GitHub Exploit DB Packet Storm

217	5.4	MEDIUM Network	nicheaddons	sales_page_addon	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Sales Page Addon – Elementor & Beaver Builder allows Stored XSS.This issue aff… Update	CWE-79 Cross-site Scripting	CVE-2024-51585	2024-11-16 02:17	2024-11-10	Show	GitHub Exploit DB Packet Storm

218	5.4	MEDIUM Network	modernaweb	black_widgets_for_elementor	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black W… Update	CWE-79 Cross-site Scripting	CVE-2024-51662	2024-11-16 02:16	2024-11-9	Show	GitHub Exploit DB Packet Storm

219	-		-	-	Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens,… New	CWE-285 Improper Authorization	CVE-2024-52528	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

220	-		-	-	Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved i… New	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-52525	2024-11-16 02:15	2024-11-16	Show	GitHub Exploit DB Packet Storm